From last year, cyber attacks on WordPress has been increased and that too also because of vulnerable Plugins. Hope you all know about the WordPress Plugins, as it gives extra customization and features to the WordPress sites.
Here are some basic recommendation on how to improve your WordPress site's security, and tighten the security level.
1. Keep WordPress core and Plugins Update
As I have already mentioned that WordPress Site gets hacked mostly by Vulnerable plugins and themes, so first recommend from my side is to keep the Plugins and WordPress CMS up to date. There are many Plugins which are still vulnerable to different attacks attackers can easily find the exploitation of the vulnerability on google.
More over many times security researcher discoverers vulnerability on WordPress core, which acts as a Zero-Day for a while, but WordPress team tries to release the patch as soon as possible. So It is always recommends to update your WordPress Core to the latest one.
It is always recommend to all internet user to have the strong and complex password for there accounts. Always choose complex and long passwords for the authentication. If your site have multiple users then force them to register with the strong password. As a site admin, you can install WP Password Policy Manager or Force Strong Passwords to make users setup accounts with stronger passwords, even if they like it or not.
Taking Strong and complex password makes the attackers works quite hard to crack it.
3. Backup's for Secure
Having the site automatically backup itself at regular time intervals allows you to go back in time before any "malfunction" or point of attack. For this there are many Plugins available for this task, and for this you can simply search for it from the plugins panel.